ADVISORY OVERVIEW


May 11, 2004 - Qualys™ Vulnerability R&D Lab has released a new 
vulnerability signature in the QualysGuard® Web Service to protect 
organizations against a new Microsoft® Windows™ vulnerability that was 
announced earlier today. Customers can immediately audit their 
networks for this and other new vulnerabilities by accessing their 
QualysGuard subscription. 


VULNERABILITY DETAILS 


Microsoft’s May 2004 Security Bulletin announced the existence of a new 
vulnerability affecting multiple versions of Microsoft Windows. This 
vulnerability could potentially allow an attacker to execute malicious 
code on a vulnerable host. 


This new vulnerability is: 


1. A vulnerability in Microsoft® Windows, described in Microsoft
Security Bulletin MS04-015 (CAN-2004-0199). This vulnerability
could allow an attacker, who successfully exploited the
vulnerability, to take complete control of the affected system. An
attacker could then take any action on the affected system,
including installing programs; viewing, changing, or deleting data;
or creating new accounts that have full privileges. Microsoft has
rated this vulnerability Critical and recommends that users update
their systems immediately.
http://www.microsoft.com/technet/security/bulletin/MS04-015.mspx


HOW TO PROTECT YOUR NETWORK 


Audits for the Microsoft May 2004 Security Bulletin vulnerabilities are 
already available in the QualysGuard vulnerability management platform. 
A default scan will detect these issues and is the recommended detection 
method. In addition, QualysGuard users can perform a selective scan for
these specific vulnerabilities using the following checks: 


• "Microsoft Windows Help And Support Center URL Validation Buffer
  Overflow Vulnerability"
    o Qualys ID: 90111
    o Limit the scan to TCP ports 139 and 445
    o Windows login required
    o Additionally, enable the "Windows Host Name" signature with
      Qualys ID 82044 if you want to report on vulnerable hosts by
      Windows (NetBIOS) machine name.


TECHNICAL SUPPORT 


For more information, customers may contact Qualys Technical Support
directly at support@qualys.com or by telephone toll free at:
US: 1 866.801.6161 | EMEA: 33 1 44.17.00.41 | UK: +44 1753 872102


ABOUT QUALYSGUARD 


QualysGuard is an on-demand security audit service delivered over the 
web that enables organizations to effectively manage their vulnerabilities 
and maintain control over their network security with centralized reports, 
verified remedies, and full remediation workflow capabilities with trouble 
tickets. QualysGuard provides comprehensive reports on vulnerabilities 
including severity levels, time to fix estimates and impact on business, 
plus trend analysis on security issues. By continuously and proactively 
monitoring all network access points, QualysGuard dramatically reduces 
security managers’ time researching, scanning and fixing network 
exposures and enables companies to eliminate network vulnerabilities 
before they can be exploited. 


Access for QualysGuard customers: https://qualysguard.qualys.com


Free trial of QualysGuard service: 
http://www.qualys.com/forms/trials/qualysguard_trial